Install FIPS images

To install the FIPS-compliant build of Service Mesh Manager, complete the following steps.

1. Download the following YAML file. It contains the list of FIPS-compliant images the installer should use.

   apiVersion: servicemesh.cisco.com/v1alpha1
   kind: IstioControlPlane
   metadata:
     name: cp-v115x
   spec:
     version: 1.15.3
     mode: ACTIVE
     istiod:
       deployment:
         image: 033498657557.dkr.ecr.us-east-2.amazonaws.com/banzaicloud/istio-pilot:v1.15.3-bzc.0-fips
     proxy:
       image: 033498657557.dkr.ecr.us-east-2.amazonaws.com/banzaicloud/istio-proxyv2:v1.15.3-bzc.0-fips
     proxyInit:
       cni:
         daemonset:
           image: 033498657557.dkr.ecr.us-east-2.amazonaws.com/banzaicloud/istio-install-cni:v1.15.3-bzc.0-fips
       image: 033498657557.dkr.ecr.us-east-2.amazonaws.com/banzaicloud/istio-proxyv2:v1.15.3-bzc.0-fips
     sidecarInjector:
       deployment:
         image: 033498657557.dkr.ecr.us-east-2.amazonaws.com/banzaicloud/istio-sidecar-injector:v1.15.3-bzc.0-fips
   

2. Follow any of the regular installation guides (for example, Create single cluster mesh or Create multi-cluster mesh), but use the following customized YAML file with the initial installation command to use the FIPS-compliant versions of the images. For example, for a non-interactive single-cluster installation, run:

   smm install  -a --cluster-name <name-of-your-cluster> --istio-cr-file istio-fips.yaml